Mon 06/22 |
Introduction
|
Optional: CS61C review
Optional: G&T § 1.1, Craft § 1-1.1, 1.3
|
No discussion!
| HW1 |
Tue 06/23 |
Security Principles
|
Notes (Principles)
Notes (Design Patterns)
Optional: G&T § 1.1.4, 3.4.6
|
Wed 06/24 |
Project 1 released
|
x86, GDB, and Security Principles
(solutions) |
Wed 06/24 |
Buffer Overflows
|
Notes
Smashing The Stack For Fun And Profit, by Aleph One
Optional: G&T § 3.4, Craft § 6.1-6.3
|
Thu 06/25 |
Buffer Overflow Defenses
|
Notes
Optional: G&T § 9.4-9.5; Craft § 6.5-6.7
|
Mon 06/29 |
IND-CPA, OTP and Block ciphers
|
Notes, sections 1-5
Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
|
Software Security
(solutions) | HW2 |
Tue 06/30 |
Symmetric key encryption + PRG
|
Notes, section 6
AES Demo
|
Wed 07/01 |
Public Key Exchange
|
Notes, section 1
Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5
|
Cryptography I
(solutions) |
Thu 07/02 |
Public Key Encryption + Hashing
|
Notes, section 2
Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2
|
Mon 07/06 |
Integrity and Authentication + Key Management
|
Notes
Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2
|
Cryptography II
(solutions) | HW3 |
Tue 07/07 |
Project 1 due (11:59pm PT)
|
Tue 07/07 |
Hierarchical Key Management + Password Hashing
|
Notes (Key Management)
Notes (Passwords)
|
Wed 07/08 |
Networking Background
|
Notes, section 1-3
Networking terminology quick-reference
Optional: G&T § 5.1-5.1.2, 5.3-5.3.1, 5.4-5.4.2, 6.1-6.1.2, 7.1-7.1.1; Craft § 5.1, 5.4.1
|
Cryptography III
(solutions) |
Thu 07/09 |
Networking Attacks - TCP and DHCP
|
Notes, section 4
Packet Capturing Demo
Optional: G&T § 5.1.3, 5.2.3, 5.3.3-5.3.4, 5.4.4; Craft § 5.3.1
|
Mon 07/13 |
Midterm
|
No discussion!
| HW4 |
Mon 07/13 |
Midterm (no lecture)
|
None
|
Tue 07/14 |
Project 2 released
|
Tue 07/14 |
TLS
|
Notes, section 5
Optional: G&T § 6.1.3 (pp. 278-284), 1.1.1, 7.1.2, 8.3
|
Wed 07/15 |
DNS
|
Notes, sections 6-7
Optional: G&T § 1.1.1, 7.1.2, 8.3
|
Network Security I
(solutions) |
Thu 07/16 |
DNSSEC
|
Notes, sections 7-8
Reliable DNS Forgery in 2008: Kaminsky’s Discovery
How DNSSEC Works
|
Mon 07/20 |
Denial of Service
|
|
Network Security II
(solutions) | HW5 |
Tue 07/21 |
Firewalls
|
Notes
Optional: G&T § 5-5.4
|
Wed 07/22 |
Project 2 design doc due (11:59pm PT)
|
Network Security III
(solutions) |
Wed 07/22 |
Intrusion Detection
|
Optional: G&T § 6.2, 6.3 intro, 6.3.3; Craft § 5.3.2
|
Thu 07/23 |
Intro to web security, Same-origin policy
|
Notes, sections 1-4
|
Mon 07/27 |
SQL Injection
|
Notes, section 5
|
Web Security I
(solutions) | HW6 |
Tue 07/28 |
XSS
|
|
Wed 07/29 |
Project 2 due (11:59pm PT)
|
Web Security II
(solutions) |
Wed 07/29 |
Cookies and Session Management
|
Notes, section 7
|
Thu 07/30 |
Project 3 released
|
Thu 07/30 |
CSRF + Phishing
|
Notes, section 8
|
Mon 08/03 |
UI Attacks
|
|
Web Security III
(solutions) | HW7 |
Tue 08/04 |
Anonymity, Tor
|
|
Wed 08/05 |
Bitcoin
|
Bitcoin Paper
|
Miscellaneous Topics
(solutions) |
Thu 08/06 |
Bitcoin
|
|
Mon 08/10 |
Project 3 due (11:59pm PT)
|
Final Review
|
|
Mon 08/10 |
Optional Lecture: COVID-19 Contact Tracing
|
Tue 08/11 |
Optional Lecture: Signal Protocol and DNA Cryptography
|
Wed 08/12 |
Optional Lecture: Using Buffer Overflows to Speedrun Super Mario Bros. 3
|
Thu 08/13 |
Final exam
|